Most electronic voting isn't secure, CIA expert says

The CIA, which has been monitoring foreign countries' use of electronic voting systems, has reported apparent vote-rigging schemes in Venezuela, Macedonia and Ukraine and a raft of concerns about the machines' vulnerability to tampering.

WASHINGTON — The CIA, which has been monitoring foreign countries' use of electronic voting systems, has reported apparent vote-rigging schemes in Venezuela, Macedonia and Ukraine and a raft of concerns about the machines' vulnerability to tampering.

Appearing last month before a U.S. Election Assistance Commission field hearing in Orlando, Fla., a CIA cybersecurity expert suggested that Venezuelan President Hugo Chavez and his allies fixed a 2004 election recount, an assertion that could further roil U.S. relations with the Latin leader.

In a presentation that could provide disturbing lessons for the United States, where electronic voting is becoming universal, Steve Stigall summarized what he described as attempts to use computers to undermine democratic elections in developing nations. His remarks have received no news media attention until now.

Stigall told the Election Assistance Commission, a tiny agency that Congress created in 2002 to modernize U.S. voting, that computerized electoral systems can be manipulated at five stages, from altering voter registration lists to posting results.

"You heard the old adage 'follow the money,' " Stigall said, according to a transcript of his hour-long presentation that McClatchy obtained. "I follow the vote. And wherever the vote becomes an electron and touches a computer, that's an opportunity for a malicious actor potentially to . . . make bad things happen."

Stigall said that voting equipment connected to the Internet could be hacked, and machines that weren't connected could be compromised wirelessly. Eleven U.S. states have banned or limited wireless capability in voting equipment, but Stigall said that election officials didn't always know it when wireless cards were embedded in their machines.

While Stigall said that he wasn't speaking for the CIA and wouldn't address U.S. voting systems, his presentation appeared to undercut calls by some U.S. politicians to shift to Internet balloting, at least for military personnel and other American citizens living overseas. Stigall said that most Web-based ballot systems had proved to be insecure.

The commission has been criticized for giving states more than $1 billion to buy electronic equipment without first setting performance standards. Numerous computer-security experts have concluded that U.S. systems can be hacked, and allegations of tampering in Ohio, Florida and other swing states have triggered a campaign to require all voting machines to produce paper audit trails.

The CIA got interested in electronic systems a few years ago, Stigall said, after concluding that foreigners might try to hack U.S. election systems. He said he couldn't elaborate "in an open, unclassified forum," but that any concerns would be relayed to U.S. election officials.

Stigall, who's studied electronic systems in about three dozen countries, said that most countries' machines produced paper receipts that voters then dropped into boxes. However, even that doesn't prevent corruption, he said.

Turning to Venezuela, he said that Chavez controlled all of the country's voting equipment before he won a 2004 nationwide recall vote that had threatened to end his rule.

When Chavez won, Venezuelan mathematicians challenged results that showed him to be consistently strong in parts of the country where he had weak support. The mathematicians found "a very subtle algorithm" that appeared to adjust the vote in Chavez's favor, Stigall said.

Calls for a recount left Chavez facing a dilemma, because the voting machines produced paper ballots, Stigall said.

"How do you defeat the paper ballots the machines spit out?" Stigall asked. "Those numbers must agree, must they not, with the electronic voting-machine count? . . . In this case, he simply took a gamble."

Stigall said that Chavez agreed to allow 100 of 19,000 voting machines to be audited.

"It is my understanding that the computer software program that generated the random number list of voting machines that were being randomly audited, that program was provided by Chavez," Stigall said. "That's my understanding. It generated a list of computers that could be audited, and they audited those computers.

The disclosure of Stigall's remarks comes amid recent hostile rhetoric between President Barack Obama and Chavez. On Sunday, Chavez was quoted as reacting hotly to Obama's assertion that he's been "exporting terrorism," referring to the new U.S. president as a "poor ignorant person."

Questions about Venezuela's voting equipment caused a stir in the United States long before Obama became president, because Smartmatic, a voting machine company that partnered with a firm hired by Chavez's government, owned U.S.-based Sequoia Voting Systems until 2007. Sequoia machines were in use in 16 states and the District of Columbia at the time.

Reacting to complaints that the arrangement was a national security concern, the Treasury Department's Committee on Foreign Investment in the United States launched an investigation. Smartmatic then announced in November 2007 that it had sold Sequoia to a group of investors led by Sequoia's U.S.-based management team, thus ending the inquiry.

In the former Soviet republic of Georgia, Stigall said, hackers took resurrecting the dead to "a new art form" by adding the names of people who'd died in the 18th century to computerized voter-registration lists. Macedonia was accused of "voter genocide" because the names of so many Albanians living in the country were eradicated from the computerized lists, Stigall said.

He said that elections also could be manipulated when votes were cast, when ballots were moved or transmitted to central collection points, when official results were tabulated and when the totals were posted on the Internet.

"The implication is that these people were . . . making subtle adjustments to the vote. In other words, intercepting the votes before it goes to the official computer for tabulation."

Taped cell-phone calls of the ensuing cover-up led to nationwide protests and a second runoff, which Yushchenko won.

Election Assistance Commission officials didn't trumpet Stigall's appearance Feb. 27, and he began by saying that he didn't wish to be identified. However, the election agency had posted his name and biography on its Web site before his appearance.

Electronic voting systems have been controversial in advanced countries, too. Germany's constitutional court banned computerized machines this month on the grounds that they don't allow voters to check their choices.

Stigall said that some countries had taken novel steps that improved security.

For example, he said, Internet systems that encrypt vote results so they're unrecognizable during transmission "greatly complicates malicious corruption." Switzerland, he noted, has had success in securing Internet voting by mailing every registered citizen scratch cards that contain unique identification numbers for signing on to the Internet. Then the voters must answer personal security questions, such as naming their mothers' birthplaces.

Stigall commended Russia for transmitting vote totals over classified communication lines and inviting hackers to test its electronic voting system for vulnerabilities. He said that Russia now hoped to enable its citizens to vote via cell phones by next year.

"As Russia moves to a one-party state," he said, "they're trying to make their elections available . . . so everyone can vote for the one party. That's the irony."

After reviewing Stigall's remarks, Susannah Goodman, the director of election reform for the citizens' lobby Common Cause, said they showed that "we can no longer ignore the fact that all of these risks are present right here at home . . . and must secure our election system by requiring every voter to have his or her vote recorded on a paper ballot."